package com.li.o2oSystem.web.local;

import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import com.li.o2oSystem.dto.LocalAuthExecution;
import com.li.o2oSystem.entity.LocalAuth;
import com.li.o2oSystem.entity.PersonInfo;
import com.li.o2oSystem.enums.LocalAuthStateEnum;
import com.li.o2oSystem.exceptions.LocalAuthOperationException;
import com.li.o2oSystem.service.LocalAuthService;
import com.li.o2oSystem.util.CodeUtil;
import com.li.o2oSystem.util.HttpServletRequestUtil;

@Controller
@RequestMapping(value="local",method={RequestMethod.GET,RequestMethod.POST})
public class LocalAuthController {
	@Autowired
	private LocalAuthService localAuthService;
	/**
	 * 用户信息和本地账号绑定
	 * @param reqeust
	 * @return
	 */
	@RequestMapping(value="/bindlocalauth",method=RequestMethod.POST)
	@ResponseBody
	private Map<String,Object> bindLocalAuth(HttpServletRequest request){
		Map<String,Object> modelMap = new HashMap<String,Object>();
		//验证码验证
		if(!CodeUtil.checkVerifyCode(request)){
			modelMap.put("success", false);
			modelMap.put("errMsg", "验证码错误！");
			return modelMap;
		}
		//获取输入的账号
		String username = HttpServletRequestUtil.getString(request, "username");
		//获取输入的密码
		String password = HttpServletRequestUtil.getString(request, "password");
		//从session中获取当前用户信息
		PersonInfo user = (PersonInfo) request.getSession().getAttribute("user");
		//非空判断，要求账号，密码，session中的用户，用户id不能为空
		if(username != null && password !=null && user != null && user.getUserId() != null){
			LocalAuth localAuth = new LocalAuth();
			localAuth.setUsername(username);
			localAuth.setPassword(password);
			localAuth.setPersonInfo(user);
			//绑定操作
			LocalAuthExecution lae = localAuthService.bindLocalAuth(localAuth);
			//如果操作状态成功
			if(lae.getState() == LocalAuthStateEnum.SUCCESS.getState()){
				modelMap.put("success", true);
			}
			else{
				modelMap.put("success", false);
				modelMap.put("errMsg", lae.getStateInfo());
			}
		}
		else{
			modelMap.put("success", false);
			modelMap.put("errMsg", "用户信息不能为空");
		}
		return modelMap;
	}
	/**
	 * 修改密码
	 * @param request
	 * @return
	 */
	@RequestMapping(value="/changelocalpwd",method=RequestMethod.POST)
	@ResponseBody
	private Map<String,Object> changeLocalPwd(HttpServletRequest request){
		Map<String,Object> modelMap = new HashMap<>();
		//验证码验证
		if(!CodeUtil.checkVerifyCode(request)){
			modelMap.put("success", false);
			modelMap.put("errMsg", "验证码错误！");
			return modelMap;
		}
		//获取输入的账号
		String username = HttpServletRequestUtil.getString(request, "username");
		//获取输入的密码
		String password = HttpServletRequestUtil.getString(request, "password");
		//获取新密码
		String newPassword = HttpServletRequestUtil.getString(request, "newPassword");
		//从session中获取当前用户信息
		PersonInfo user  = (PersonInfo) request.getSession().getAttribute("user");
		//非空判断，要求账号，密码，session中的用户，用户id,新密码不能为空，及旧密码和新密码不能相同
		if(username != null && password !=null && user != null && user.getUserId() != null && newPassword != null && !password.equals(newPassword)){
			//查看原先的账号是否一致，否则，操作非法
			LocalAuth localAuth = localAuthService.getLocalAuthByUserId(user.getUserId());
			try {
				if(localAuth == null || !username.equals(localAuth.getUsername())){
					modelMap.put("success", false);
					modelMap.put("errMsg", "要修改的账号，非当前登录的账号");
					return modelMap;
				}
				//修改密码
				LocalAuthExecution lae = localAuthService.modifyLocalAuth(user.getUserId(), username, password, newPassword);
				if(lae.getState() == LocalAuthStateEnum.SUCCESS.getState()){
					modelMap.put("success", true);
				}else{
					modelMap.put("success", false);
					modelMap.put("errMsg", lae.getStateInfo());
				}
			} catch (LocalAuthOperationException e) {
				modelMap.put("success", false);
				modelMap.put("errMsg", "修改密码异常"+e.getMessage());
				return modelMap;
			}
		}else{
			modelMap.put("success", false);
			modelMap.put("errMsg", "请输入密码");
		}
		return modelMap;
	}
	/**
	 * 登录校验
	 * @param request
	 * @return
	 */
	@RequestMapping(value="/logincheck",method=RequestMethod.POST)
	@ResponseBody
	private Map<String,Object> loginCheck(HttpServletRequest request){
		Map<String,Object> modelMap = new HashMap<>();
		//获取是否需要进行验证码校验的标识符（即密码错误超过一定次数，需要验证码）
		boolean needVerify = HttpServletRequestUtil.getBoolean(request, "needVerify");
		if(needVerify && !CodeUtil.checkVerifyCode(request)){
			modelMap.put("success", false);
			modelMap.put("errMsg", "验证码错误");
			return modelMap;
		}
		//获取输入的账号
		String username = HttpServletRequestUtil.getString(request, "username");
		//获取输入的密码
		String password = HttpServletRequestUtil.getString(request, "password");
		//非空校验
		if(username != null && password != null){
			//根据传入的账号密码，查询账号
			LocalAuth localAuth = localAuthService.getLocalAuthByUsernameAndPwd(username, password);
			if(localAuth != null){
				//若能获取账号信息，则登录成功
				modelMap.put("success", true);
				//同时设置session信息
				request.getSession().setAttribute("user", localAuth.getPersonInfo());
			}else{
				modelMap.put("success", false);
				modelMap.put("errMsg", "用户名或密码错误");
			}
		}else{
			modelMap.put("success", false);
			modelMap.put("errMsg", "用户名和密码不能为空");
		}
		return modelMap;
	}
	/**
	 * 注销登录
	 * @param request
	 * @return
	 */
	@RequestMapping(value="/logout",method=RequestMethod.POST)
	@ResponseBody
	private Map<String,Object> logout(HttpServletRequest request){
		Map<String,Object> modelMap = new HashMap<>();
		//将session置为空
		request.getSession().setAttribute("user", null);
		modelMap.put("success", true);
		return modelMap;
	}
}
